Cyber attacks can happen anytime to anyone. But one thing that’s certain is that changes in the world this year have a direct effect on the development of more complex attacks in 2022.
With that, cybersecurity company Kaspersky has prepared a forecast based on trends its research and analysis Team observed this year to help you and the IT community prepare for the challenges ahead.
1. Private sector supporting an influx of new APT players
The use of surveillance software, or ones that track the operations and activities of PC or mobile users, has become rampant this year. This can be seen with the damages caused by spyware like Project Pegasus on iOS users, FinSpy on Android, and Slingshot on internet routers.
The potential of commercial surveillance software makes it a lucrative business for those who supply it to cybercriminals. Therefore, Kaspersky experts believe that vendors of such software will diligently expand in cyberspace and provide their services to new advanced threat actors until governments begin to regulate its use.
2. Mobile devices will continue to be targets of more sophisticated attacks
Mobile devices have always been a tidbit for attackers, with smartphones traveling along with their owners everywhere, and each potential target acting as a storage for a huge amount of valuable information. In 2021, Kaspersky has seen more in-the-wild zero-day attacks on iOS than ever before.
Unlike on a PC or Mac, where the user has the option of installing a security package, on iOS, such products are either curtailed or simply non-existent. This creates extraordinary opportunities for advanced persistent attacks (APTs).
3. Continued exploitation of work-from-home setup
With remote work, cybercriminals will continue to use unprotected or unpatched employees’ home computers as a way to penetrate corporate networks. Social engineering to steal credentials and brute-force attacks on corporate services to gain access to weakly protected servers will continue.
4. Explosion of attacks against cloud-based systems
Numerous businesses are incorporating cloud computing and software architectures based on microservices and running on third-party infrastructure, which is more susceptible to hacks. This makes more companies prime targets for sophisticated attacks in the coming year.
5. Low-level attacks are making a comeback
Owing to the increasing popularity of Secure Boot, a security standard that ensures a device boots using only trusted software, cybercriminals are forced to look for new ways to bypass a device’s security system. Thus, growth in the number of bootkits is expected in 2022.
The APT predictions have been developed thanks to Kaspersky’s threat intelligence services used around the world. Read the full report on Securelist.